Presentation is loading. Please wait.

Presentation is loading. Please wait.

Chapter 6 Software Implementation Process Group

Published byLesley Ramsey Modified over 8 years ago

Similar presentations

Presentation on theme: "Chapter 6 Software Implementation Process Group"— Presentation transcript:

1 Chapter 6 Software Implementation Process Group
Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition Chapter 6 Software Implementation Process Group

2 Objectives Understand the role and purpose of the software processes in ICT work Understand how software requirements are translated into a working solution Understand how the integrity of a software product or service is sustained through the use of rational processes defined by ISO in combination with other industry standards Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

3 Overview of Software Implementation Process Group
Software implementation process group: aimed at producing a specific software element that is implemented as a software product or service Itemizes a complete set of activities that might be undertaken by an organization fulfilling the role of implementer or developer The standard states that this process group is used to produce a specific system element implemented in software Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

4 Overview of Software Implementation Process Group
Consists of six lower-level processes that are part of two categories of software implementation: design or realization Used to create design solutions for the system: The software requirements process (7.1.2), software architectural design process (7.1.3), and software detailed design process (7.1.4) Used to realize the architectural design: The software construction process (7.1.5), software integration process (7.1.6), and software qualification testing process (7.1.7) Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

5 Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

6 Overview of Software Implementation Process Group
Each implemented software module should be constructed, tested, and verified using the verification process (7.2.4) Should be validated using the validation process (7.2.5) The overall goal of this process group is to deliver a satisfactory system, software product, or software service The total process requires the developer to designate a project lifecycle model As well as a set of standardized methods and tools Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

7 Overview of Software Implementation Process Group
The implementing organization is obliged by the standard to document all outputs using the documentation process and to document all control changes using the configuration management process Any difficulties should be resolved by employing the problem resolution process The course of actions used to identify, understand, and resolve problems that occur during software development Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

8 The Software Implementation Process (7.1.1)
First, the organization must decide which lifecycle model to use By following the recommendations of the ISO lifecycle model management process The standard recommends that choices made in this part of the process should be based on: The project’s size, scope and complexity The standard itemizes a complete set of activities Organization does not have to adopt all of them The implementer tailors the standards and tools to meet project needs Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

9 The Software Implementation Process (7.1.1)
Outputs of implementation are documented based on the activities of the software documentation management process Change control is implemented according to the software configuration management process Problems are documented and resolved through the activities of the software problem resolution process Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

10 The Software Implementation Process (7.1.1)
The next step in the setup stage is planning The plans can have several layers of detail At least one comprehensive long-term plan is needed for the entire lifecycle Focused plans might also be needed to map the course of particular activities A good plan is essential It creates a mutually understood basis for process assessment and management control across the organization Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

11 The Software Implementation Process (7.1.1)
Once the deliverable is transferred to the acquiring organization: The product’s operation and maintenance must not be dependent on any “nondeliverable” items such as compilers or other system utilities unique to the implementer If the successful operation of a product depends on components that are not part of the deliverable: The product is guaranteed to fail Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

12 Detail of Software Implementation Process: Software Implementation Strategy
The details of the software implementation process should include the following items in the lifecycle model: The activities and tasks to be completed A schedule for when the activities and tasks should be completed The people responsible for completing each activity and task Guidance for developing these models can be found by referring to the IEEE 1074 Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

13 Detail of Software Implementation Process: Software Implementation Strategy
The document management process requires the recording of information in some form of media There is a trend toward using collaboration management and knowledge management systems Document management promotes repeatability that leads to continual process improvement Also useful to help organizations establish information assurance policies and procedures for each phase of the process Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

14 Detail of Software Implementation Process: Software Implementation Strategy
An important aspect of this strategy is to determine how problems will be documented and resolved The implementer can use a grading method Through which specific software items pass as part of configuration control Configuration control determines who controls changes to the software product The standard recommends the implementer document which people have authority to approve making changes Usually a configuration control board Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

15 Detail of Software Implementation Process: Software Implementation Strategy
The standard stipulates that the implementer should select appropriate standards, methods, tools, and computer languages for the project All resources used during software implementation must be consistent across the board In addition to selecting the above, the implementer should also plan for their use within the software implementation process Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

16 The Software Requirements Analysis Process (7.1.2)
Software requirements analysis: the process of identifying and documenting the specific needs of a software product Considered on of the most critical areas of software implementation The ISO standard itemizes a set of criteria that must be met for the software requirements specification (SRS) to be approved as correct Serves as a general table of contents for the deliverable Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

17 The Software Requirements Analysis Process (7.1.2)
The standard stipulates that the SRS must contain a valid set of functional and qualitative requirements The standard requires a separate listing of the inherent performance, physical characteristics, and environmental conditions under which the software item is to perform The standard also requires: Explicit representation of all interfaces The implementer define a set of qualification criteria for each software item Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

18 The Software Requirements Analysis Process (7.1.2)
The standard stipulates that the SRS must consider: Methods of operation and maintenance Environmental influences Potentials for personnel injury from each software item The compromise of sensitive information Requires the specification to consider a range of ergonomic elements including: Manual operations, human-equipment interactions, constraints on personnel, etc… Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

19 The Software Requirements Analysis Process (7.1.2)
Any definitions and requirements determined by the implementer must be explicitly considered and itemized The SRS must itemize installation and acceptance requirements Must also consider all user documentation and aspects of anticipated operation, maintenance, and execution The implementer must conduct a software review in accordance with ISO 12207 Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

20 Detail of Software Requirements Analysis Process
Software requirements analysis may sometimes be referred to as: Requirements engineering Software requirements The ISO standard refers to it as software requirements analysis Software requirements identify the needs and constraints placed on a product to solve the problem Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

21 Detail of Software Requirements Analysis Process
Software requirements is performed by the implementer on each software item included in the system architecture Purpose of analysis is to identify and document the requirements for each software item as a basis for its design And to assure that each requirement is traceable, consistent, testable, and feasible The end result is a document that describes each requirement Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

22 Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

23 The Software Architecture Design Process (7.1.3)
Software architecture design: the translation of software requirements into a high-level design Often treated as a two-step stage of development The implementer establishes an explicit and consistent software architecture using software requirements analysis The goal is to incorporate every requirement into a logical model that represents the top-level model By itemizing its basic components and relationships Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

24 The Software Architecture Design Process (7.1.3)
The standard requires the implementer to: Define and document a top-level design for the interfaces between software items Develop and document a top-level design for the database Create preliminary versions of the user documentation Conduct initial planning for the test requirements and determine the schedule for software integration Conduct reviews in accordance with the software review process Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

25 Detail of Software Architecture Design Activity
Architecture should be described with multiple viewpoints Each of which illuminates properties of an aspect of design Commonly included viewpoints are: Logical view - shows software functionality Process view - shows the correlation between software processes Physical view - shows distribution of components Development view - shows decomposition of software artifacts Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

26 Detail of Software Architecture Design Activity
The appropriate viewpoints of software project must be adequately presented before they can be transformed into a detailed design in the next stage of the process An international standard exists to aid the implementer: ISO/IEC 42010 Its purpose is to provide a set of guidelines for identifying the appropriate set of viewpoints for a software project Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

27 The Software Detailed Design Process (7.1.4)
Software detailed design - the activity most commonly connected with software engineering The implementer produces the detailed design for each of the software units defined in the top-level architecture The standard stipulates that all requirements defined in the SRS must be directly traceable to a software unit created in this stage The implementer develops and documents a design for all interfaces Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

28 The Software Detailed Design Process (7.1.4)
Just as in the architectural design phase, the implementer produces a detailed design for the database And updates the user documentation The standard requires the implementer to define and document the specific testing qualification requirements for each component in the design These test requirements must stress the software unit to its reasonable limits The implementer then updates the schedule for software integration Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

29 Detail of Software Detailed Design Activity
Nearly all detailed design methodologies have certain underlying principles: Abstraction Cohesion Coupling Decomposition Encapsulation Information hiding IEEE 1016 provides an example table of contents in its Annex A Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

30 Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

31 Detail of Software Detailed Design Activity
The IEEE 1016 standard recommends 12 specific views: 1. Context 2. Composition 3. Logical 4. Dependency 5. Information 6. Patterns 7. Interface 8. Structure Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

32 Detail of Software Detailed Design Activity
The IEEE 1016 standard recommends 12 specific views (cont’d): 9. Interaction 10. State dynamics 11. Algorithm 12. Resource Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

33 The Software Construction Process (7.1.5)
During this process, the implementer writes the code and creates a full set of documentation for each of the software items and database units Then, test procedures are conducted and data from each test is recorded The standard requires that all of these elements be evaluated based on criteria of traceability, external and internal consistency, appropriateness of the methodology and standards employed, and feasibility Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

34 Detail of Software Construction Activity
Failure to follow structured software engineering practices and principles often leads to confusion and chaos Four practical considerations are needed during software construction: Construction design Construction languages Coding Construction testing Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

35 Detail of Software Construction Activity
Construction languages can be considered one of four types: Configuration languages Toolkit languages Programming languages Domain-specific languages Techniques applied during the construction process include: Resource management, proper use of data structures, proper reuse practices, and general software engineering best practices Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

36 Detail of Software Construction Activity
Software construction normally includes three types of testing: Unit testing - handled as part of the construction activity Integration testing - included in the software integration process Qualification testing - part of software qualification testing Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

37 The Software Integration Process (7.1.6)
The implementer must bring software units together into a complete system using a fully documented software integration plan Plan must integrate the components developed in the coding phase into a single piece of software The plan must include: Test requirements, procedures, data, responsibilities, and schedule Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

38 Detail of Software Integration Activity
At the conclusion of this activity: Software units are pieced together and tested to ensure compatibility between each unit Success depends on developing an integration plan Also called a test plan or software quality assurance plan Integration plan should include a description of the test environment, a rationale, and data recording and analysis procedures for each integration and qualification test case Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

39 Detail of Software Integration Activity
The integration plan should also: Identify the software and system requirements addressed by each test case Ensure that all software requirements are included as part of the qualification testing process Include the appropriate time to begin qualification testing Provide details regarding pretest procedures, roles, and responsibilities Include test documentation Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

40 Detail of Software Integration Activity
The IEEE 829 standard provides detailed descriptions of each section of the software test plan ISO/IEC is currently being developed to replace IEEE 829 and is comprised of: Part 1: Definitions & vocabulary Part 2: Test process Part 3: Test documentation Part 4: Test techniques Part 5: Process assessment model for software testing processes Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

41 Detail of Software Integration Activity
The ISO standard requires the user documentation to be updated based on discoveries made during integration testing Software reviews should also be conducted The implementer should conduct a “dry run” of all qualification test cases and procedures To ensure the test documentation is correct and the software performs as expected Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

42 Software Qualification Testing (7.1.7)
Software qualification testing: the process of identifying and documenting the specific needs of a software product To determine whether the product meets the qualification requirements itemized in the design process The implementer must support and document all audits in accordance with ISO 12207 If an audit is done successfully, the standard contains delivery requirements Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

43 Detail of Software Qualification Testing
The outcome of software qualification testing is to provide a definitive answer to two questions: 1. Does the software meet the requirements of the software requirements specification? 2. Do the requirements and the resulting software meet the intended quality needs of the acquiring organization? The primary purpose of software qualification testing is to demonstrate compliance with levels of design, performance, and quality Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

44 Detail of Software Qualification Testing
The tests are intended to demonstrate the system meets or exceeds the requirements of the acquiring organization The tests must be designed to evaluate compliance with the software requirement specification As well as with the requirements of the acquiring organization and its own standards and legal obligations Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

45 Summary Software implementation is the software-specific specialization of the ISO standard The results of implementation planning are documented and maintained under configuration management In software requirements analysis, the need for software and other established system requirements are analyzed to identify software requirements Software requirements must be traceable to and consistent with the requirements identified and developed through the technical process Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

46 Summary Software requirements include specifications for functionality, performance, security, safety, interfaces, databases, qualification requirements, operations, maintenance, and user documentation The software detailed design process translates the components detailed in software architecture into lower levels of abstraction necessary for coding Software construction uses the detailed design of each software component to code and test the software according to specification Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

47 Summary In the software integration process, a documented plan is developed and executed for the integration of each software unit Software qualification testing uses a series of audits to verify that the software requirements have been satisfied and to validate that the software has been developed in accordance with its intended use and at an appropriate level of quality Cybersecurity: Engineering a Secure Information Technology Organization, 1st Edition

Download ppt "Chapter 6 Software Implementation Process Group"

Similar presentations

Database Planning, Design, and Administration

Database Planning, Design, and Administration
Ossi Taipale, Lappeenranta University of Technology

Ossi Taipale, Lappeenranta University of Technology
Software Quality Assurance Plan

Software Quality Assurance Plan
Chapter 2 – Software Processes

Chapter 2 – Software Processes
More CMM Part Two : Details.

More CMM Part Two : Details.
Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall Essentials of Systems Analysis and Design Fourth Edition Joseph S. Valacich Joey F.

Copyright © 2009 Pearson Education, Inc. Publishing as Prentice Hall Essentials of Systems Analysis and Design Fourth Edition Joseph S. Valacich Joey F.
July 11 th, 2005 Software Engineering with Reusable Components RiSE’s Seminars Sametinger’s book :: Chapters 16, 17 and 18 Fred Durão.

July 11 th, 2005 Software Engineering with Reusable Components RiSE’s Seminars Sametinger’s book :: Chapters 16, 17 and 18 Fred Durão.
Creating Architectural Descriptions. Outline Standardizing architectural descriptions: The IEEE has published, “Recommended Practice for Architectural.

Creating Architectural Descriptions. Outline Standardizing architectural descriptions: The IEEE has published, “Recommended Practice for Architectural.
Pertemuan 11-12 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Lecture Nine Database Planning, Design, and Administration

Lecture Nine Database Planning, Design, and Administration
DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.
Database System Development Lifecycle Transparencies

Database System Development Lifecycle Transparencies
Introduction to Software Testing

Introduction to Software Testing
Architectural Design Establishing the overall structure of a software system Objectives To introduce architectural design and to discuss its importance.

Architectural Design Establishing the overall structure of a software system Objectives To introduce architectural design and to discuss its importance.
Handouts Software Testing and Quality Assurance Theory and Practice Chapter 11 System Test Design ------------------------------------------------------------------

Handouts Software Testing and Quality Assurance Theory and Practice Chapter 11 System Test Design
CSSE 375 Software Construction and Evolution: Configuration Management

CSSE 375 Software Construction and Evolution: Configuration Management
Codex Guidelines for the Application of HACCP

Codex Guidelines for the Application of HACCP
What is Software Architecture?

What is Software Architecture?
What is Business Analysis Planning & Monitoring?

What is Business Analysis Planning & Monitoring?
Developing Enterprise Architecture

Developing Enterprise Architecture

Similar presentations

Ads by Google